From ee563e27a017c98f230aa22728e15c0db68dd83e Mon Sep 17 00:00:00 2001
From: Bryan Joshua Pedini <b.pedini@bjphoster.com>
Date: Sun, 23 Jul 2023 15:28:14 +0200
Subject: [PATCH] first code commit portainer deployment

---
 .gitignore         |  2 ++
 docker-compose.yml | 53 ++++++++++++++++++++++++++++++++++++++++++++++
 env.example        | 26 +++++++++++++++++++++++
 3 files changed, 81 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 docker-compose.yml
 create mode 100644 env.example

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..fb58dee
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+.env
+data
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..4f2490c
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,53 @@
+---
+services:
+  portainer:
+    image: portainer/portainer-ce:${PORTAINER_VERSION}
+    restart: unless-stopped
+    command: -H unix:///var/run/docker.sock
+    labels:
+      ### Section Træfik
+      - traefik.enable=${TRAEFIK_ENABLED}
+      - traefik.docker.network=${TRAEFIK_NETWORK}
+      ## HTTP
+      - traefik.http.routers.http-${TRAEFIK_ROUTER}.entrypoints=http
+      # redirect to HTTPS only
+      - traefik.http.routers.http-${TRAEFIK_ROUTER}.middlewares=${TRAEFIK_HTTP_MIDDLEWARES}
+      - traefik.http.routers.http-${TRAEFIK_ROUTER}.rule=${TRAEFIK_MATCHRULE}
+      ## HTTPS UI
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.entrypoints=https
+      # configure the exposed service
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.middlewares=${TRAEFIK_HTTPS_MIDDLEWARES}
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.rule=${TRAEFIK_MATCHRULE}
+      # enable TLS and its certificate provider
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.tls=${TRAEFIK_TLSENABLED}
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.tls.certresolver=${TRAEFIK_CERTRESOLVER}
+      # specify a service so a custom port can be used
+      - traefik.http.services.${TRAEFIK_SERVICE}.loadbalancer.server.port=${TRAEFIK_SERVICE_PORT}
+      - traefik.http.routers.https-${TRAEFIK_ROUTER}.service=${TRAEFIK_SERVICE}
+      ## HTTPS Edge
+      - traefik.http.routers.https-${TRAEFIK_EDGEROUTER}.entrypoints=https
+      # configure the exposed service
+      - traefik.http.routers.https-${TRAEFIK_EDGEROUTER}.middlewares=${TRAEFIK_HTTPS_MIDDLEWARES}
+      - traefik.http.routers.https-${TRAEFIK_EDGEROUTER}.rule=${TRAEFIK_EDGEMATCHRULE}
+      # enable TLS and its certificate provider
+      - traefik.http.routers.https-${TRAEFIK_EDGEROUTER}.tls=${TRAEFIK_TLSENABLED}
+      - traefik.http.routers.https-${TRAEFIK_EDGEROUTER}.tls.certresolver=${TRAEFIK_CERTRESOLVER}
+      # specify a service so a custom port can be used
+      - traefik.http.services.${TRAEFIK_EDGESERVICE}.loadbalancer.server.port=${TRAEFIK_EDGESERVICE_PORT}
+      - traefik.http.routers.https-${TRAEFIK_EDGEROUTER}.service=${TRAEFIK_EDGESERVICE}
+      ### Section Diun
+      - diun.enable=${DIUN_ENABLE}
+      - diun.watch_repo=${DIUN_WATCHREPO}
+      - diun.sort_tags=${DIUN_SORTALGO}
+      - diun.include_tags=${DIUN_INCLUDE}
+      - diun.exclude_tags=${DIUN_EXCLUDE}
+    networks:
+      - traefik
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ${PORTAINER_DATA}:/data
+
+networks:
+  traefik:
+    external: true
+    name: ${TRAEFIK_NETWORK}
diff --git a/env.example b/env.example
new file mode 100644
index 0000000..de5465f
--- /dev/null
+++ b/env.example
@@ -0,0 +1,26 @@
+# Træfik
+TRAEFIK_ENABLED=true
+TRAEFIK_NETWORK=traefik
+TRAEFIK_ROUTER=portainer_example_com
+TRAEFIK_SERVICE=portainer_example_com
+TRAEFIK_SERVICE_PORT=9000
+TRAEFIK_MATCHRULE=Host(`portainer.example.com`)
+TRAEFIK_EDGEROUTER=edge_portainer_example_com
+TRAEFIK_EDGESERVICE=edge_portainer_example_com
+TRAEFIK_EDGESERVICE_PORT=8000
+TRAEFIK_EDGEMATCHRULE=Host(`edge.portainer.example.com`)
+TRAEFIK_TLSENABLED=true
+TRAEFIK_CERTRESOLVER=letsencrypt
+TRAEFIK_HTTP_MIDDLEWARES=http-to-https
+TRAEFIK_HTTPS_MIDDLEWARES=hsts
+
+# Diun
+DIUN_ENABLE=true
+DIUN_WATCHREPO=true
+DIUN_SORTALGO=semver
+DIUN_INCLUDE=
+DIUN_EXCLUDE=
+
+# Portainer
+PORTAINER_VERSION=2.18.4-alpine
+PORTAINER_DATA=./data